Filter
Top Products
D-45
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix D CSUtil Database Utility
Posture Validation Attributes
Example D-1 shows an example of a posture validation attribute definition,
including a comment after the attribute definition:
Example D-1 Example Attribute Definition
[attr#0]
vendor-id=9
vendor-name=Cisco
application-id=1
application-name=PA
attribute-id=00001
attribute-name=Application-Posture-Token
attribute-profile=out
attribute-type=unsigned integer
; attribute 1 is reserved for the APT
A posture validation attribute is uniquely defined by the combination of its vendor
ID, application ID, and attribute ID. The following list provides details of these
values and of each line required in an attribute definition:
• [attr#n]—Attribute definition header, where n is a unique, sequential integer,
beginning with zero. CSUtil.exe uses the definition header to distinguish the
beginning of a new attribute definition. Each attribute definition must begin
with a line containing the definition header. The first attribute definition in
the file must have the header
[attr#0], the second attribute definition in a file
must have the header
[attr#1], and so on. A break in the numbering causes
CSUtil.exe to ignore attribute definitions at the break and beyond. For
example, if a file with 10 attribute definitions the fifth attribute is defined as
[attr#5] instead of [attr#4], CSUtil.exe ignores the attribute defined as
[attr#5] and remaining five the attributes following it.
Tip The value of n is irrelevant to any of the ID values in the attribute definition file.
For example, the 28th definition in a file must have the header
[attr#27], but this
does not limit or otherwise define valid values for vendor-id, application-id,
attribute-id. Neither does it limit or define the number of posture validation
attributes supported by Cisco Secure ACS.
• vendor-id—An unsigned integer, the vendor number is of the vendor
associated with the posture validation attribute. The vendor number should be
the number assigned to the vendor in the IANA Assigned Numbers RFC. For
example, vendor ID 9 corresponds to Cisco Systems, Inc.